English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.66289
Category:Mandrake Local Security Checks
Title:Mandriva Security Advisory MDVSA-2009:301 (kernel)
Summary:The remote host is missing an update to kernel;announced via advisory MDVSA-2009:301.
Description:Summary:
The remote host is missing an update to kernel
announced via advisory MDVSA-2009:301.

Vulnerability Insight:
Some vulnerabilities were discovered and corrected in the Linux
2.6 kernel:

Memory leak in the appletalk subsystem in the Linux kernel 2.4.x
through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and
ipddp modules are loaded but the ipddpN device is not found, allows
remote attackers to cause a denial of service (memory consumption)
via IP-DDP datagrams. (CVE-2009-2903)

Multiple race conditions in fs/pipe.c in the Linux kernel before
2.6.32-rc6 allow local users to cause a denial of service (NULL pointer
dereference and system crash) or gain privileges by attempting to
open an anonymous pipe via a /proc/*/fd/ pathname. (CVE-2009-3547)

The tcf_fill_node function in net/sched/cls_api.c in the netlink
subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6
and earlier, does not initialize a certain tcm__pad2 structure member,
which might allow local users to obtain sensitive information from
kernel memory via unspecified vectors. NOTE: this issue exists
because of an incomplete fix for CVE-2005-4881. (CVE-2009-3612)

net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows
local users to cause a denial of service (system hang) by creating an
abstract-namespace AF_UNIX listening socket, performing a shutdown
operation on this socket, and then performing a series of connect
operations to this socket. (CVE-2009-3621)

Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function
in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel
before 2.6.31.4 allows local users to have an unspecified impact
via a KVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl
function. (CVE-2009-3638)

The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in
the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause
a denial of service (NULL pointer dereference and panic) by sending a
certain response containing incorrect file attributes, which trigger
attempted use of an open file that lacks NFSv4 state. (CVE-2009-3726)

Additionally, it includes the fixes from the stable kernel version
2.6.27.39. It also fixes issues with the bnx2 module in which the
machine could become unresponsive. For details, see the package
changelog.

To update your kernel, please follow the directions linked in the references.

Affected Software/OS:
Mandrake Enterprise Server 5.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2009-2903
36379
http://www.securityfocus.com/bid/36379
36707
http://secunia.com/advisories/36707
37105
http://secunia.com/advisories/37105
37909
http://secunia.com/advisories/37909
MDVSA-2009:329
http://www.mandriva.com/security/advisories?name=MDVSA-2009:329
SUSE-SA:2009:061
http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html
SUSE-SA:2009:064
http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html
SUSE-SA:2010:012
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html
SUSE-SA:2010:013
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html
USN-852-1
http://www.ubuntu.com/usn/USN-852-1
[oss-security] 20090914 CVE-2009-2903 kernel: appletalk: denial of service when handling IP tunnelled over DDP datagrams
http://www.openwall.com/lists/oss-security/2009/09/14/1
[oss-security] 20090914 Re: CVE-2009-2903 kernel: appletalk: denial of service when handling IP tunnelled over DDP datagrams
http://www.openwall.com/lists/oss-security/2009/09/14/2
[oss-security] 20090917 Re: CVE-2009-2903 kernel: appletalk: denial of service when handling IP tunnelled over DDP datagrams
http://www.openwall.com/lists/oss-security/2009/09/17/11
http://git.kernel.org/?p=linux/kernel/git/davem/net-next-2.6.git%3Ba=commit%3Bh=ffcfb8db540ff879c2a85bf7e404954281443414
https://bugzilla.redhat.com/show_bug.cgi?id=522331
Common Vulnerability Exposure (CVE) ID: CVE-2009-3547
20100625 VMSA-2010-0010 ESX 3.5 third party update for Service Console kernel
http://www.securityfocus.com/archive/1/512019/100/0/threaded
36901
http://www.securityfocus.com/bid/36901
37351
http://secunia.com/advisories/37351
38017
http://secunia.com/advisories/38017
38794
http://secunia.com/advisories/38794
38834
http://secunia.com/advisories/38834
ADV-2010-0528
http://www.vupen.com/english/advisories/2010/0528
FEDORA-2009-11038
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00190.html
RHSA-2009:1540
https://rhn.redhat.com/errata/RHSA-2009-1540.html
RHSA-2009:1541
https://rhn.redhat.com/errata/RHSA-2009-1541.html
RHSA-2009:1548
https://rhn.redhat.com/errata/RHSA-2009-1548.html
RHSA-2009:1550
https://rhn.redhat.com/errata/RHSA-2009-1550.html
RHSA-2009:1672
http://www.redhat.com/support/errata/RHSA-2009-1672.html
SUSE-SA:2009:054
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html
SUSE-SA:2009:056
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html
SUSE-SA:2010:001
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html
USN-864-1
http://www.ubuntu.com/usn/usn-864-1
[linux-kernel] 20091014 fs/pipe.c null pointer dereference
http://lkml.org/lkml/2009/10/14/184
[linux-kernel] 20091021 Re: [PATCH v4 1/1]: fs: pipe.c null pointer dereference + really sign off + unmangled diffs
http://lkml.org/lkml/2009/10/21/42
[oss-security] 20091103 CVE-2009-3547 kernel: fs: pipe.c null pointer dereference
http://marc.info/?l=oss-security&m=125724568017045&w=2
[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ad3960243e55320d74195fb85c975e0a8cc4466c
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc6
https://bugzilla.redhat.com/show_bug.cgi?id=530490
oval:org.mitre.oval:def:11513
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11513
oval:org.mitre.oval:def:7608
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7608
oval:org.mitre.oval:def:9327
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9327
Common Vulnerability Exposure (CVE) ID: CVE-2005-4881
http://marc.info/?l=git-commits-head&m=112002138324380
http://www.openwall.com/lists/oss-security/2009/09/05/2
http://www.openwall.com/lists/oss-security/2009/09/06/2
http://www.openwall.com/lists/oss-security/2009/09/07/2
http://www.openwall.com/lists/oss-security/2009/09/17/1
http://www.openwall.com/lists/oss-security/2009/09/17/9
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11744
http://www.redhat.com/support/errata/RHSA-2009-1522.html
http://secunia.com/advisories/37084
SuSE Security Announcement: SUSE-SA:2009:064 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2009-3612
37086
http://secunia.com/advisories/37086
RHSA-2009:1670
http://www.redhat.com/support/errata/RHSA-2009-1670.html
[oss-security] 20091014 CVE request kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7
http://www.openwall.com/lists/oss-security/2009/10/14/2
[oss-security] 20091014 Re: CVE request kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7
http://www.openwall.com/lists/oss-security/2009/10/15/1
[oss-security] 20091014 Re: CVE request: kernel: tc: uninitialised kernel memory leak
http://www.openwall.com/lists/oss-security/2009/10/14/1
[oss-security] 20091015 Re: CVE request kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7
http://www.openwall.com/lists/oss-security/2009/10/15/3
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ad61df918c44316940404891d5082c63e79c256a
http://patchwork.ozlabs.org/patch/35412/
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc5
https://bugzilla.redhat.com/show_bug.cgi?id=528868
oval:org.mitre.oval:def:10395
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10395
oval:org.mitre.oval:def:7557
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7557
Common Vulnerability Exposure (CVE) ID: CVE-2009-3621
RHSA-2009:1671
http://www.redhat.com/support/errata/RHSA-2009-1671.html
[linux-kernel] 20091019 Re: [PATCH] AF_UNIX: Fix deadlock on connecting to shutdown socket
http://lkml.org/lkml/2009/10/19/50
[oss-security] 20091019 CVE request: kernel: AF_UNIX: Fix deadlock on connecting to shutdown socket
http://www.openwall.com/lists/oss-security/2009/10/19/2
[oss-security] 20091019 Re: CVE request: kernel: AF_UNIX: Fix deadlock on connecting to shutdown socket
http://www.openwall.com/lists/oss-security/2009/10/19/4
http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=77238f2b942b38ab4e7f3aced44084493e4a8675
http://patchwork.kernel.org/patch/54678/
https://bugzilla.redhat.com/show_bug.cgi?id=529626
oval:org.mitre.oval:def:6895
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6895
oval:org.mitre.oval:def:9921
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9921
Common Vulnerability Exposure (CVE) ID: CVE-2009-3638
36803
http://www.securityfocus.com/bid/36803
[oss-security] 20091023 CVE request: kvm: integer overflow in kvm_dev_ioctl_get_supported_cpuid()
http://marc.info/?l=oss-security&m=125628917011048&w=2
[oss-security] 20091023 Re: CVE request: kvm: integer overflow in kvm_dev_ioctl_get_supported_cpuid()
http://marc.info/?l=oss-security&m=125632898507373&w=2
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6a54435560efdab1a08f429a954df4d6c740bddf
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.4
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc4
https://bugzilla.redhat.com/show_bug.cgi?id=530515
linux-kernel-supportedcpuid-code-execution(53934)
https://exchange.xforce.ibmcloud.com/vulnerabilities/53934
Common Vulnerability Exposure (CVE) ID: CVE-2009-3726
36936
http://www.securityfocus.com/bid/36936
40218
http://secunia.com/advisories/40218
DSA-2005
http://www.debian.org/security/2010/dsa-2005
MDVSA-2011:051
http://www.mandriva.com/security/advisories?name=MDVSA-2011:051
RHSA-2010:0474
http://www.redhat.com/support/errata/RHSA-2010-0474.html
[linux-nfs] 20081022 kernel oops in nfs4_proc_lock
http://www.spinics.net/linux/lists/linux-nfs/msg03357.html
[oss-security] 20091105 CVE request: kernel: NULL pointer dereference in nfs4_proc_lock()
http://www.openwall.com/lists/oss-security/2009/11/05/1
[oss-security] 20091105 Re: CVE request: kernel: NULL pointer dereference in nfs4_proc_lock()
http://www.openwall.com/lists/oss-security/2009/11/05/4
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d953126a28f97ec965d23c69fd5795854c048f30
http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.31/ChangeLog-2.6.31-rc4
https://bugzilla.redhat.com/show_bug.cgi?id=529227
oval:org.mitre.oval:def:6636
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6636
oval:org.mitre.oval:def:9734
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9734
CopyrightCopyright (C) 2009 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.